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DETAILED ACTION 



1 . Claims 1-14 are pending in this office action. 



2. Applicant's arguments, filed January 26, 2007, have been considered and are 
persuasive. However, a new ground of rejection is made. 

Claim Rejections 

3. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

Claim Rejections - 35 USC § 103 

4. Claims 1-7 and 9-13 are rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over McClure et al. (U.S. Patent Pub. No. 2003/0195861) in view of Edmison et al. (U.S. 
Patent Pub. No. 2003/0115321). 

Regarding claims 1 . 5. and 9 . McClure et al. teaches a firewall test 
system/method, comprising: 

• A first test device located on an untrusted side of said firewall (fig. 1 , ref. num 
104), the first test device including: 
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o A session signal generator for transmitting a communications session 
initiation signal using an IP address corresponding to said signal source to 
establish a communications session to be conducted through said firewall 
(fig. 5 and paragraph 0013); 

o A probe signal generator for generating test signals at a range of ports in a 
first side of said firewall through which media signals may be transmitted 
when said ports are open, said test signals including said IP address 
(paragraph 01 30). 

McClure et al. does not teach timing synchronization circuitry for synchronizing 
said session signal generator and said probe signal generator to at least one of another 
test device and a clock signal source located external to said first test device and a 
second test device located on a trusted side of said firewall, the second test device 
including: means for monitoring a second side of said firewall to detect any transmitted 
test signals that pass through said firewall and an analysis module for identifying any 
open ports that are not associated with an established communications session, which 
passed at least one of said transmitted test signals, as enroneously open ports. 

Edmison et al. teaches timing synchronization circuitry for synchronizing said 
session signal generator and said probe signal generator to at least one of another test 
device and a clock signal source located extemal to said first test device (fig. 2, ref. num 
42 and paragraph 0040-0041 ) and a second test device located on a trusted side of 
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said firewall, the second test device including (fig. 1, ref. num 10 and 20): means for 
monitoring a second side of said firewall to detect any transmitted test signals that pass 
through said firewall (paragraph 0040) and an analysis module for identifying any open 
ports that are not associated with an established communications session, which 
passed at least one of said transmitted test signals, as erroneously open ports 
(paragraph 0010). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine timing synchronization circuitry for synchronizing and 
an analysis module for identifying any open ports that are not associated with an 
established communications session, which passed at least one of said transmitted test 
signals, as erroneously open ports, as taught by Edmison et al. . with the method/system 
of McClure et al. It would have been obvious for such modifications because 
synchronizing the times between the two test devices timestamps for accurate 
measurements between the two test devices and a canier can detemilne 
performance/safety problems based on erroneously open ports. 

Regarding claims 2 and 10 . McClure et al. as modified by Edmison et al. teaches 
wherein said probe signal generator generates IP packets which include said IP 
address as a source address (see paragraph 0035 of McClure et al.). 
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Regarding claims 3 and 1 1 . McClure et al. as modified by Edmison et al. teaclies 
wherein said analysis module includes: 

• Means for determining from at least one session initiation signal at least one port 
associated with the established communication session that should be open (see 
paragraph 0361 of McClure et al.); and 

• Means for generating an error signal indicating that said at least one port 
associated with the established communication session is enroneously closed if a 
test signal is not detected passing through said port to the second side of said 
firewall (see fig. 3, ref. num 339 of McClure et al.). 

Regarding claims 4 and 13 . McClure et al. as modified by Edmison et al. teaches 
wherein said first test device further includes: 

• An analysis module for monitoring the second side of said firewall to determine If 
said first test signal passed through said firewall (see fig. 3, ref. num 324, 326, 
and 339 of McClure et al.); and 

• A report generation module for reporting a firewall error if it is detennined that 
said first signal passed through said firewall (see paragraph 0032 of McClure et 
al.). 



Regarding claims 6 and 7 . McClure et al. as modified by Edmison et al. teaches 
wherein further comprising: 
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• Operating tlie [first/second] test device to communicate information identifying 
ports througii which test signals were detected passing through said firewall from 
the [second/first] side to the [second/first] test device (see fig. 4 of McClure et 
a!.); and 

• Operating the [second/first] test device to generate a test report Including 
information about the status of unidirectional ports used to communicate signals 
from the first side to the second side and unidirectional ports used to 
communicate signals from the second side to the first side (see fig. 2, ref. num 
212 of McClure etal.). 

Regarding claim 12 . McClure et al. as modified by Edmison et al. teaches 
wherein the test signal generator of said first test device includes means for transmitting 
a first test signal at the first side of said network firewall from the signal source using an 
IP address that is not associated with any ongoing communications session being 
conducted through said firewall prior to said communications session initiation signal 
being generated (see paragraph 0034 of McClure et al.). 

Claims 8 and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
McClure et al. (USPGPub. 2003/0195861) in view of Edmison et al. (USPGPub. 
2003/0115321), and further in view of Read (U.S. Patent Pub. No. 2004/0028035). 
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Regarding claims 8 and 14 . l\/lcClure et al./Edmison et al. teaclies all the 
limitations of claims 1, 3, 5, 7, and 9. However, McClure et al./Edmison et al. does not 
teach wherein said session signal generates at least one of SIP and H.323 compliant 
signals. 

Read teaches wherein said session signal generates at least one of SIP and 
H.323 compliant signals (paragraph 0094). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine using SIP or H.323 compliant signals, as taught by 
Read , with the method/system of McClure et al./Edmison et al. It would have been 
obvious for such modifications because SIP and H.323 are common signals for 
generating sessions between computers using TCP and UDP for transmitting voice 
data. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon S. Hoffman whose telephone number is 571- 

272- 3863. The examiner can nomially be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supen/isor, Nasser G. Moazzami can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 
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